Cyber criminals use different social engineering techniques to lure victims into performing activities that they would not normally do, like clicking links in spammed messages, downloading files, or filling out forms with confidential personal information.

These usually translate to profit for the cyber criminals, who are expected to attempt to exploit the holiday season as more Internet users are expected to be online this year — to search, shop, and purchase items on the Web.

Trend Micro ranked ten notable social engineering techniques which Internet users should always be on the lookout for.

10. Bargain-Hunter Scams. Cyber criminals use bogus discounts and promos to lure victims into clicking malicious links, or entering confidential information into fake sites. Products typically being used for these type of schemes are popular and hot retail items, which may make them irresistible to users. Last year we saw the Trojan TROJ_AYFONE.A take advantage of the release of Apple iPhone. The malware displayed fake advertisements as well as a fake website of an online store where the product can be bought.

9. Fake Charity Sites. Hurricanes Katrina and Gustav, the earthquake that hit China, the forest fires in California – these disasters were exploited by cyber criminals for their own gain through scamming and other means. The holiday season is also a time where most users are in a “generous & giving mood”, making the holidays the perfect time for cyber criminals to attempt to carry out their schemes. Generous users who respond to scam email messages or Web sites unfortunately end up not helping anyone in need, but instead robbed of their money or confidential information.

8. Greeting Cards — Bringing Bad Tidings. Electronic cards, or e-cards, are often used by cyber criminals as a lure for victims to click malicious links in spammed messages, and possibly “self-compromising” their PCs. This type of attack usually takes advantage of holiday seasons, when users are likely to send out e-cards, and may actually be expecting them from friends or relatives.

7. Malvertisements: Malicious Advertisements. Cyber criminals also use malicious advertisements and promos (posing as legitimate ads) to distribute malware, relying on the inclination of online shoppers to investigate bargains. Advertisements placed on high-trafficked websites are used as triggers for malware downloads. Popular sites such as Expedia.com & Rhapsody.com, Blick.com, and even MySpace, have been unwittingly harbored malicious banner ads in the past, which when clicked downloaded malware into users’ systems. It just goes to show that these malicious ads can literally be embedded almost anywhere.

6. Poisoned Christmas Shopping Search Results. Query results for certain strings are rigged with malicious scripts that could lead to various payloads – malware, phishing sites, dangerous URLs. Malware authors usually bank on different seasons in choosing which strings will yield the malicious results. In 2007, results to searches for the phrase “christmas gift shopping” were found yielding malicious results leading to a wide variety of malware. Earlier this year, results to “halloween costumes” were found to lead to a rogue antivirus software.

5. Compromised High-Traffic Websites. Compromised websites are major threats to online users since the point of infection happens in websites that are supposedly safe and trusted. As the holiday season draws near, shoppers are likely to flood online stores, auction sites, e-commerce sites to do their online shopping. Cyber criminals could then infect more victims by compromising popular and highly-trafficked websites.

4. Mining Personal Data — Bogus Gift Card Promos. Users in search of freebies or promos on the Web can place themselves at a higher risk in this type of attack, as seemingly harmless surveys are used to harvest personal data. Promises of retailer rewards, gift cards, or even cash, are used to trick victims into participating in bogus surveys — what they don’t know is that the survey page is actually a phishing site and that it is part of a plot to steal confidential information.

3. e-Commerce Phishing. eBay ranks as the most popular online retailer in 2007, having more than 124 million unique constituents. eBay also topped the list of the most phished websites. From identity theft to ratings manipulation, cyber criminals continuously weave sophisticated schemes to extort user information for financial gain.

2. Bogus Courier Receipts Delivering Trojans. Messages from popular couriers, alerting recipients of an undelivered package that needs to be retrieved — together with a file that is supposedly an invoice — are spammed to users to trick them into installing Trojans. Such a problem is quite a predicament for an online shopper, who is possibly waiting for his or her purchased item to be delivered by couriers for the holidays. UPS and FedEx are famous examples of couriers used by cyber criminals in this type of campaign.

1. Shopping Invoices for Ghost Transactions. Potential victims receive an email message telling them to open and print a “receipt” sent as an attachment to the message. The attached file however is not a real receipt, but a Trojan. Frequent online shoppers who are used to receiving such receipts are clearly the targets of this threat. On the other hand, users who are not online shoppers and are sure they didn’t make a purchase similar to that stated in the message may get curious and open the attachment as well. Rechnung spam runs are known for using this scheme; the most recent run spread WORM_OTORUN.C to victims who opened the attached “receipt.”

The Trend Micro Smart Protection Network provides security against these threats through its multilayered technology that guards systems against spam, dangerous URLs, and malicious files. The volume and sophistication of Web threats make it imperative that a multilayered, real-time protection is used, if online shoppers are ever to successfully and safely transact their activities online.

Share this article

This entry was posted
on
Monday, December 1st, 2008
at
3:04 pm and is filed under
Bad Sites, Exploits, Malware, Mobile, Spam .
Both comments and pings are currently closed.